:Decoder

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 118 **Description** The issue is related to a potential use-after-free in the Ion Engine, where a hashtable could have been mutated while there was a live interior reference, leading to an exploitable crash. This could allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For versions prior to 118, update to version 118 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Ion Engine until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 42.0 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, allowing remote attackers to cause a denial of service, such as memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. The vulnerabilities can be exploited by remote attackers, potentially leading to arbitrary code execution. **Recommendations** For versions prior to 42.0, update to version 42.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox ESR versions 38.x through 38.7 **Description** The issue is caused by a buffer overflow in the browser engine, which can be exploited by a remote attacker to cause a denial of service, such as memory corruption and application crash, or possibly execute arbitrary code. **Recommendations** For Mozilla Firefox ESR versions 38.x through 38.7, update to version 38.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 26.0 SeaMonkey versions prior to 2.23 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, which can be exploited by remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For Mozilla Firefox versions prior to 26.0, update to version 26.0 or later. For SeaMonkey versions prior to 2.23, update to version 2.23 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 24.0 Thunderbird versions prior to 24.0 SeaMonkey versions prior to 2.21 ALT Linux (affected versions not specified) **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, allowing remote attackers to cause a denial of service, such as memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For Mozilla Firefox versions prior to 24.0, update to version 24.0 or later. For Thunderbird versions prior to 24.0, update to version 24.0 or later. For SeaMonkey versions prior to 2.21, update to version 2.21 or later. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 22.0 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, which can be exploited by remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For versions prior to 22.0, update to version 22.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 4.x through 11.0 Thunderbird versions 5.0 through 11.0 SeaMonkey versions prior to 2.9 **Description** The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to jsval.h and the js::array shift function. **Recommendations** For Mozilla Firefox versions 4.x through 11.0, update to a version outside of this range to resolve the issue. For Thunderbird versions 5.0 through 11.0, update to a version outside of this range to resolve the issue. For SeaMonkey versions prior to 2.9, update to version 2.9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.5.17 Mozilla Firefox versions 3.6.x prior to 3.6.14 SeaMonkey versions prior to 2.0.12 **Description** A buffer overflow issue exists in the JavaScript engine, potentially allowing remote attackers to execute arbitrary code. This issue involves exception timing and a large number of string values, related to an "atom map" problem. **Recommendations** For Mozilla Firefox versions prior to 3.5.17, update to version 3.5.17 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.14, update to version 3.6.14 or later. For SeaMonkey versions prior to 2.0.12, update to version 2.0.12 or later.